forked from pool/rust-keylime
Alberto Planas Dominguez
e4c8388ef3
- Update vendored crates (bsc#1229952, bsc#1230029) * rustix 0.37.25 * rustix 0.38.34 * shlex 1.3.0 - Update to version 0.2.6+13: * Enable test functional/iak-idevid-persisted-and-protected * build(deps): bump uuid from 1.7.0 to 1.10.0 * build(deps): bump openssl from 0.10.64 to 0.10.66 * keylime-agent/src/revocation: Fix comment indentation * keylime/crypto: Fix indentation of documentation comment * build(deps): bump thiserror from 1.0.59 to 1.0.63 * build(deps): bump serde_json from 1.0.116 to 1.0.120 * dependabot: Extend to also monitor workflow actions * ci: Disable Packit CI on CentOS Stream 9 * ci: use CODECOV_TOKEN when submitting coverage data * revocation: Use into() for unfallible transformation * secure_mount: Fix possible infinite loop * error: Rename enum variants to avoid clippy warning OBS-URL: https://build.opensuse.org/request/show/1198288 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=74
43 lines
1.7 KiB
Diff
43 lines
1.7 KiB
Diff
Index: rust-keylime-0.2.0+git.1677002906.cf6c4f0/keylime-agent.conf
|
|
===================================================================
|
|
--- rust-keylime-0.2.0+git.1677002906.cf6c4f0.orig/keylime-agent.conf
|
|
+++ rust-keylime-0.2.0+git.1677002906.cf6c4f0/keylime-agent.conf
|
|
@@ -19,13 +19,15 @@ version = "2.2"
|
|
# of 'SHA256(public EK in PEM format)'.
|
|
#
|
|
# To override, set KEYLIME_AGENT_UUID environment variable.
|
|
-uuid = "d432fbb3-d2f1-4a97-9ef7-75bd81c00000"
|
|
+# uuid = "d432fbb3-d2f1-4a97-9ef7-75bd81c00000"
|
|
+uuid = "generate"
|
|
|
|
# The binding IP address and port for the agent server
|
|
#
|
|
# To override ip, set KEYLIME_AGENT_IP environment variable.
|
|
# To override port, set KEYLIME_AGENT_PORT environment variable.
|
|
-ip = "127.0.0.1"
|
|
+# ip = "127.0.0.1"
|
|
+ip = "0.0.0.0"
|
|
port = 9002
|
|
|
|
# Address and port where the verifier and tenant can connect to reach the agent.
|
|
@@ -41,7 +43,8 @@ contact_port = 9002
|
|
# To override registrar_ip, set KEYLIME_AGENT_REGISTRAR_IP environment variable.
|
|
# To override registrar_port, set KEYLIME_AGENT_REGISTRAR_PORT environment
|
|
# variable.
|
|
-registrar_ip = "127.0.0.1"
|
|
+# registrar_ip = "127.0.0.1"
|
|
+registrar_ip = "<REMOTE_IP>"
|
|
registrar_port = 8890
|
|
|
|
# Enable mTLS communication between agent, verifier and tenant.
|
|
@@ -151,7 +154,8 @@ revocation_actions_dir = "/usr/libexec/k
|
|
# KEYLIME_AGENT_REVOCATION_NOTIFICATION_IP environment variable.
|
|
# To override revocation_notification_port, set
|
|
# KEYLIME_AGENT_REVOCATION_NOTIFICATION_PORT environment variable.
|
|
-revocation_notification_ip = "127.0.0.1"
|
|
+# revocation_notification_ip = "127.0.0.1"
|
|
+revocation_notification_ip = "<REMOTE_IP>"
|
|
revocation_notification_port = 8992
|
|
|
|
# The path to the certificate to verify revocation messages received from the
|